Account portal cors and auth changes
This commit is contained in:
parent
221a67fe5a
commit
3d15db2223
|
@ -6,8 +6,16 @@ import {
|
|||
SearchFilters,
|
||||
SortJson,
|
||||
} from "../../../definitions/datasource"
|
||||
import {Datasource, FieldSchema, Row, Table} from "../../../definitions/common"
|
||||
import {breakRowIdField, generateRowIdField} from "../../../integrations/utils"
|
||||
import {
|
||||
Datasource,
|
||||
FieldSchema,
|
||||
Row,
|
||||
Table,
|
||||
} from "../../../definitions/common"
|
||||
import {
|
||||
breakRowIdField,
|
||||
generateRowIdField,
|
||||
} from "../../../integrations/utils"
|
||||
import { RelationshipTypes } from "../../../constants"
|
||||
|
||||
interface ManyRelationship {
|
||||
|
@ -387,7 +395,11 @@ module External {
|
|||
* isn't supposed to exist anymore and delete those. This is better than the usual method of delete them
|
||||
* all and then re-create, as theres no chance of losing data (e.g. delete succeed, but write fail).
|
||||
*/
|
||||
async handleManyRelationships(mainTableId: string, row: Row, relationships: ManyRelationship[]) {
|
||||
async handleManyRelationships(
|
||||
mainTableId: string,
|
||||
row: Row,
|
||||
relationships: ManyRelationship[]
|
||||
) {
|
||||
const { appId } = this
|
||||
// if we're creating (in a through table) need to wipe the existing ones first
|
||||
const promises = []
|
||||
|
@ -399,8 +411,10 @@ module External {
|
|||
// @ts-ignore
|
||||
const linkPrimary = linkTable.primary[0]
|
||||
const rows = related[key].rows || []
|
||||
const found = rows.find((row: { [key: string]: any }) =>
|
||||
row[linkPrimary] === relationship.id || row[linkPrimary] === body[linkPrimary]
|
||||
const found = rows.find(
|
||||
(row: { [key: string]: any }) =>
|
||||
row[linkPrimary] === relationship.id ||
|
||||
row[linkPrimary] === body[linkPrimary]
|
||||
)
|
||||
const operation = isUpdate
|
||||
? DataSourceOperation.UPDATE
|
||||
|
@ -420,13 +434,17 @@ module External {
|
|||
}
|
||||
}
|
||||
// finally cleanup anything that needs to be removed
|
||||
for (let [colName, {isMany, rows, tableId}] of Object.entries(related)) {
|
||||
for (let [colName, { isMany, rows, tableId }] of Object.entries(
|
||||
related
|
||||
)) {
|
||||
const table = this.getTable(tableId)
|
||||
for (let row of rows) {
|
||||
const filters = buildFilters(generateIdForRow(row, table), {}, table)
|
||||
// safety check, if there are no filters on deletion bad things happen
|
||||
if (Object.keys(filters).length !== 0) {
|
||||
const op = isMany ? DataSourceOperation.DELETE : DataSourceOperation.UPDATE
|
||||
const op = isMany
|
||||
? DataSourceOperation.DELETE
|
||||
: DataSourceOperation.UPDATE
|
||||
const body = isMany ? null : { [colName]: null }
|
||||
promises.push(
|
||||
makeExternalQuery(this.appId, {
|
||||
|
@ -448,7 +466,10 @@ module External {
|
|||
* Creating the specific list of fields that we desire, and excluding the ones that are no use to us
|
||||
* is more performant and has the added benefit of protecting against this scenario.
|
||||
*/
|
||||
buildFields(table: Table, includeRelations: IncludeRelationships = IncludeRelationships.INCLUDE) {
|
||||
buildFields(
|
||||
table: Table,
|
||||
includeRelations: IncludeRelationships = IncludeRelationships.INCLUDE
|
||||
) {
|
||||
function extractNonLinkFieldNames(table: Table, existing: string[] = []) {
|
||||
return Object.entries(table.schema)
|
||||
.filter(
|
||||
|
@ -523,7 +544,10 @@ module External {
|
|||
// can't really use response right now
|
||||
const response = await makeExternalQuery(appId, json)
|
||||
// handle many to many relationships now if we know the ID (could be auto increment)
|
||||
if (operation !== DataSourceOperation.READ && processed.manyRelationships) {
|
||||
if (
|
||||
operation !== DataSourceOperation.READ &&
|
||||
processed.manyRelationships
|
||||
) {
|
||||
await this.handleManyRelationships(
|
||||
table._id || "",
|
||||
response[0],
|
||||
|
|
|
@ -42,7 +42,7 @@ export enum SourceNames {
|
|||
|
||||
export enum IncludeRelationships {
|
||||
INCLUDE = 1,
|
||||
EXCLUDE = 0
|
||||
EXCLUDE = 0,
|
||||
}
|
||||
|
||||
export interface QueryDefinition {
|
||||
|
|
File diff suppressed because it is too large
Load Diff
|
@ -34,6 +34,7 @@
|
|||
"joi": "^17.4.0",
|
||||
"koa": "^2.7.0",
|
||||
"koa-body": "^4.2.0",
|
||||
"@koa/cors": "^3.1.0",
|
||||
"koa-compress": "^4.0.1",
|
||||
"koa-passport": "^4.1.4",
|
||||
"koa-pino-logger": "^3.0.0",
|
||||
|
|
|
@ -35,6 +35,7 @@ const PUBLIC_ENDPOINTS = [
|
|||
method: "GET",
|
||||
},
|
||||
{
|
||||
// TODO: Add an provisioning API key to this endpoint in the cloud
|
||||
route: "/api/global/users/init",
|
||||
method: "POST",
|
||||
},
|
||||
|
@ -46,6 +47,10 @@ const PUBLIC_ENDPOINTS = [
|
|||
route: "api/system/flags",
|
||||
method: "GET",
|
||||
},
|
||||
{
|
||||
route: "/api/global/users/tenant/:id",
|
||||
method: "GET",
|
||||
},
|
||||
]
|
||||
|
||||
const NO_TENANCY_ENDPOINTS = [
|
||||
|
|
|
@ -94,7 +94,7 @@ router
|
|||
controller.adminUser
|
||||
)
|
||||
.get("/api/global/users/self", controller.getSelf)
|
||||
.get("/api/global/users/tenant/:id", adminOnly, controller.tenantLookup)
|
||||
.get("/api/global/users/tenant/:id", controller.tenantLookup)
|
||||
// global endpoint but needs to come at end (blocks other endpoints otherwise)
|
||||
.get("/api/global/users/:id", adminOnly, controller.find)
|
||||
|
||||
|
|
|
@ -6,6 +6,7 @@ const Koa = require("koa")
|
|||
const destroyable = require("server-destroy")
|
||||
const koaBody = require("koa-body")
|
||||
const koaSession = require("koa-session")
|
||||
const cors = require("@koa/cors")
|
||||
const { passport } = require("@budibase/auth").auth
|
||||
const logger = require("koa-pino-logger")
|
||||
const http = require("http")
|
||||
|
@ -14,6 +15,14 @@ const redis = require("./utilities/redis")
|
|||
|
||||
const app = new Koa()
|
||||
|
||||
// TODO: Remove this when using envoy / nginx
|
||||
const accountPortalCors = {
|
||||
origin: "http://localhost:3001",
|
||||
credentials: true,
|
||||
}
|
||||
|
||||
app.use(cors(accountPortalCors))
|
||||
|
||||
app.keys = ["secret", "key"]
|
||||
|
||||
// set up top level koa middleware
|
||||
|
|
|
@ -499,6 +499,13 @@
|
|||
"@types/yargs" "^15.0.0"
|
||||
chalk "^4.0.0"
|
||||
|
||||
"@koa/cors@^3.1.0":
|
||||
version "3.1.0"
|
||||
resolved "https://registry.yarnpkg.com/@koa/cors/-/cors-3.1.0.tgz#618bb073438cfdbd3ebd0e648a76e33b84f3a3b2"
|
||||
integrity sha512-7ulRC1da/rBa6kj6P4g2aJfnET3z8Uf3SWu60cjbtxTA5g8lxRdX/Bd2P92EagGwwAhANeNw8T8if99rJliR6Q==
|
||||
dependencies:
|
||||
vary "^1.1.2"
|
||||
|
||||
"@koa/router@^8.0.0":
|
||||
version "8.0.8"
|
||||
resolved "https://registry.yarnpkg.com/@koa/router/-/router-8.0.8.tgz#95f32d11373d03d89dcb63fabe9ac6f471095236"
|
||||
|
|
Loading…
Reference in New Issue